You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
ServiceNow Connector
EmpowerID and ServiceNow – Better Together
By combining two best of breed solutions you can enhance the service management capabilities of ServiceNow with the Compliant Access Delivery platform of EmpowerID to provide true end to end secure automation of critical processes for your global and mobile workforce. EmpowerID inventories and automates the lifecycle of identities and their access within your ServiceNow landscape to ensure visibility and control over these critical systems. In addition, EmpowerID provides an Orchestration Pack that can be deployed directly within your ServiceNow systems. The Orchestration Pack and associated EmpowerID connectors and jobs empower business workflows within ServiceNow by providing them an accurate catalog of requestable entitlements from all your on-premise and Cloud systems and the ability for immediate access fulfillment in target systems upon approval.
Identity Lifecycle for ServiceNow
EmpowerID Identity Lifecycle for ServiceNow automates account provisioning and access assignment. Automation of policy-based “Compliant Access” eliminates security problems and human errors associated with the manual user creation and access assignment for ServiceNow. Lifecycle events can be triggered manually by workflows but are most often detected as changes coming from the HR system. EmpowerID handles provisioning and deprovisioning across all your environments and tenants. On deprovisioning, policy settings allow for graceful handover of responsibilities and the transfer of data ownership.
Zero Trust Delegated Administration for ServiceNow
The out of the box roles and security model in ServiceNow can challenge for organization’s pursuing a Zero Trust strategy. One of the key tenants of the Zero Trust model is that users should not be granted permanent unproxied access to systems. Unproxied access cannot be easily monitored and permanent privileged access is an opening waiting to be compromised by an attacker. EmpowerID’s supports a Zero Trust strategy by overlaying a single unified security model on top of ServiceNow. This allows organizations to delegate granular administrative privileges to users within specific business units or partner organizations even though this granularity is not supported in the ServiceNow security model itself. Fine-grained delegations support even the most complex global organizations and multi-tenancy scenarios to control exactly who may see which objects and identities and who may perform which tasks, all without granting any native administrative privileges.
ServiceNow Compliance and Recertification
EmpowerID allows your ServiceNow team to breeze through audits. Maintaining control and visibility over your many ServiceNow environments can pose a huge headache for auditors. It may be difficult to prove who has access to applications and roles in order to complete a certification process. But producing this proof becomes almost automatic with EmpowerID. EmpowerID maintains an update to date audit and can provide complete control over who has access to what across all your ServiceNow tenants. Built-in attestation policies allow for rapid periodic recertification of ServiceNow group and role assignments eliminating the hassle of auditing this critical infrastructure. EmpowerID also categorizes external users to allow their access to be reviewed and analyzed separately. Risk-based separation of duties policies also allow you to define toxic combinations of access, so they can be detected, and remediated if discovered.
Orchestration Pack – Entitlement Sync and Workflows
The Orchestration Pack for ServiceNow provides ServiceNow process designers with workflow activities, web services, and example workflows to embed EmpowerID capabilities within their ServiceNow business processes. EmpowerID includes a job that synchronizes and maintains an up to date list of requestable groups and roles from the EmpowerID Identity Warehouse to custom tables in your ServiceNow tenants. Using the embedding EmpowerID workflow activities in your ServiceNow workflows, users can request access to entitlements in any EmpowerID connected system from the familiar ServiceNow Service Catalog. Example workflows for employee onboarding, group access requests, and role access requests can be used in production but are intended to be leveraged by ServiceNow process designers in existing and future workflows.
AI Powered Chat Bot Virtual Assistant
Empower users to perform self-service automation of any IT task through an intelligent chat bot virtual assistant. The EmpowerID chat bot enables users to perform secure self-service at any time using their preferred communication channel (SMS, Teams, web, mobile, ServiceNow portal). Behind the scenes, the chat bot interacts with EmpowerID’s visually designed workflows to securely automate IGA processes that interact with your Cloud and on-premise applications and systems.
Empower end users with self-service for repetitive tasks like:
- Self-service forgotten password reset and unlock
- Application and group access requests
- SAP role access requests
- Privileged credential check-out and check-in
- Vaulting personal or shared credentials
- Mobile login to SSO applications
- Expose any additional workflows to end users through the chat bot
Getting Started
Overview of the ServiceNow Connector
Connecting to ServiceNow
Configure Service Catalog Requests
Configuring Service Catalog Requests
Deploying EmpowerID Items to New Instances
Deploying EmpowerID Items to New Instances